From owner-freebsd-bugs@FreeBSD.ORG Sun Aug 26 20:50:04 2012
Message-Id: <201208262042.q7QKgA46029151@red.freebsd.org>
Date: Sun, 26 Aug 2012 20:42:10 GMT
From: Elmar Stellnberger
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-3.1
Subject: misc/171095: provide secure hashes for downloadable isos & ports packages
X-BeenThere: freebsd-bugs@freebsd.org
List-Id: Bug reports

>Number: 171095
>Category: misc
>Synopsis: provide secure hashes for downloadable isos & ports packages
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sun Aug 26 20:50:03 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Elmar Stellnberger
>Release: packages-9.0-release
>Organization:
>Environment:
>Description:
It would be very kind of you to provide secure hashes for the ports packages as well as downloadable isos. MD5 has been cracked since 2004 and even against SHA alleged attacks are possible (http://www.schneier.com/blog/archives/2005/02/sha1_broken.html). My wish would be to use the strongest available algorithm: SHA-512. Why not keep the MD5s to verify against download errors and additionally have SHA-512s for security against birthday attacks (afaa)?

-> ftp.freebsd.org/pub/FreeBSD/ports/*arch*/packages-X.Y-release/All/CHECKSUM.SHA-512
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: